From fb011cfb02012813c06d2eeb6369de602e52f425 Mon Sep 17 00:00:00 2001
From: Simeon Widdis
Date: Mon, 30 Oct 2023 15:57:26 -0700
Subject: [PATCH] Add nginx integration

Signed-off-by: Simeon Widdis
---
 .../nginx/assets/create_mv-1.0.0.sql | 10 +++++++++
 .../nginx/assets/create_table-1.0.0.sql | 18 ++++++++++++++++
 .../nginx/assets/refresh_mv-1.0.0.sql | 1 +
 .../repository/nginx/nginx-1.0.0.json | 21 +++++++++++++++++--
 4 files changed, 48 insertions(+), 2 deletions(-)
 create mode 100644 server/adaptors/integrations/__data__/repository/nginx/assets/create_mv-1.0.0.sql
 create mode 100644 server/adaptors/integrations/__data__/repository/nginx/assets/create_table-1.0.0.sql
 create mode 100644 server/adaptors/integrations/__data__/repository/nginx/assets/refresh_mv-1.0.0.sql
diff --git a/server/adaptors/integrations/__data__/repository/nginx/assets/create_mv-1.0.0.sql b/server/adaptors/integrations/__data__/repository/nginx/assets/create_mv-1.0.0.sql
new file mode 100644
index 000000000..8b29fdf0b
--- /dev/null
+++ b/server/adaptors/integrations/__data__/repository/nginx/assets/create_mv-1.0.0.sql
@@ -0,0 +1,10 @@
+CREATE MATERIALIZED VIEW {table_name}_mview AS
+SELECT
+ to_timestamp(trim(BOTH '[]' FROM concat(time_local_1, ' ', time_local_2)), 'dd/MMM/yyyy:HH:mm:ss Z') AS `@timestamp`,
+ split_part (request, ' ', 1) as `http.request.method`,
+ split_part (request, ' ', 2) as `http.url`,
+ split_part (request, ' ', 3) as `http.flavor`,
+ status AS `http.response.status_code`,
+ body_bytes_sent AS `http.response.bytes`,
+ 'nginx.access' AS `event.domain`
+FROM {table_name}
diff --git a/server/adaptors/integrations/__data__/repository/nginx/assets/create_table-1.0.0.sql b/server/adaptors/integrations/__data__/repository/nginx/assets/create_table-1.0.0.sql
new file mode 100644
index 000000000..38f719421
--- /dev/null
+++ b/server/adaptors/integrations/__data__/repository/nginx/assets/create_table-1.0.0.sql
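Review bot: The projection in create_mv-1.0.0.sql leaves out `remote_addr`, `remote_user`, `http_referer` and `http_user_agent`, all of which the table in create_table-1.0.0.sql declares, so events read from the view cannot be attributed to a client; for access logs that removes most of their value for detection and incident response. I would add those columns to the SELECT under whatever field names the target schema defines for them. The three `split_part (request, ' ', N)` columns also assume a well-formed three-token request line, but `request` is client-controlled, so a line with extra spaces or fewer tokens is likely to shift or empty `http.url` and `http.flavor`. That deserves a comment above the SELECT, for example `-- request is client-controlled; malformed request lines yield shifted or empty method/url/flavor values`.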
@@ -0,0 +1,18 @@
+CREATE EXTERNAL TABLE {table_name} (
+ remote_addr STRING,
+ empty_col STRING,
+ remote_user STRING,
+ time_local_1 STRING,
+ time_local_2 STRING,
+ request STRING,
+ status INT,
+ body_bytes_sent INT,
+ http_referer STRING,
+ http_user_agent STRING,
+ gzip_ratio STRING
+) USING csv
+LOCATION '{s3_bucket_location}'
+OPTIONS (
+ sep=' ',
+ nullValue='-'
+)
diff --git a/server/adaptors/integrations/__data__/repository/nginx/assets/refresh_mv-1.0.0.sql b/server/adaptors/integrations/__data__/repository/nginx/assets/refresh_mv-1.0.0.sql
new file mode 100644
index 000000000..458202eae
--- /dev/null
+++ b/server/adaptors/integrations/__data__/repository/nginx/assets/refresh_mv-1.0.0.sql
@@ -0,0 +1 @@
+REFRESH MATERIALIZED VIEW {table_name}_mview
diff --git a/server/adaptors/integrations/__data__/repository/nginx/nginx-1.0.0.json b/server/adaptors/integrations/__data__/repository/nginx/nginx-1.0.0.json
index 975430d0d..aadcae2f0 100644
--- a/server/adaptors/integrations/__data__/repository/nginx/nginx-1.0.0.json
+++ b/server/adaptors/integrations/__data__/repository/nginx/nginx-1.0.0.json
@@ -5,7 +5,7 @@
 "description": "Nginx HTTP server collector",
 "license": "Apache-2.0",
 "type": "logs",
- "labels": ["Observability", "Logs"],
+ "labels": ["Observability", "Logs", "Flint S3"],
 "author": "OpenSearch",
 "sourceUrl": "https://github.com/opensearch-project/dashboards-observability/tree/main/server/adaptors/integrations/__data__/repository/nginx/info",
 "statics": {
@@ -38,7 +38,24 @@
 "savedObjects": {
 "name": "nginx",
 "version": "1.0.0"
- }
+ },
+ "queries": [
+ {
+ "name": "create_table",
+ "version": "1.0.0",
+ "language": "sql"
+ },
+ {
+ "name": "create_mv",
+ "version": "1.0.0",
+ "language": "sql"
+ },
+ {
+ "name": "refresh_mv",
+ "version": "1.0.0",
+ "language": "sql"
+ }
+ ]
 },
 "sampleData": {
 "path": "sample.json"
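Review bot: `{table_name}` and `{s3_bucket_location}` in create_table-1.0.0.sql are spliced into the DDL as raw text, and the code that fills them in is not part of this patch, so nothing visible here stops a value containing a quote, backtick or statement separator from changing the statement. `{s3_bucket_location}` sits inside a single-quoted literal, which makes it the more exposed of the two. Whatever performs the substitution should accept only a strict identifier pattern for the table name and should reject or escape single quotes in the location; the same `{table_name}` placeholder is used in create_mv-1.0.0.sql and refresh_mv-1.0.0.sql. Separately, `body_bytes_sent INT` is too narrow if INT is 32-bit in the target engine (it is in Spark SQL, which the `USING csv` syntax suggests): a response larger than 2 GiB would not parse and would probably surface as a null, so I would declare it `body_bytes_sent BIGINT,`.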